Março 17, 2019

What's new in Knox 3.3?

Karen Castro

Pushing boundaries to enhance security and usability is Samsung’s newest Knox platform release—Knox 3.3.

This release includes Knox Verified boot, which now monitors and protects the boot process, in addition to Knox security built at a hardware level.

Highlights in this release:

  • Knox Verified Boot: new enhancements to harden and secure your device boot process.
  • Dual Data-at-Rest (DAR): dual encryption adds a layer of security for the Knox Workspace.
  • Samsung DeX: added options to manage Samsung DeX.
  • Analytics: enhancements to Network Platform Analytics (NPA).
  • VPN: functionality improvements to VPN.

 

Knox Verified Boot

Providing a more reliable Verified Boot State is Knox Verified Boot, which monitors and protects during the booting process in addition to Knox security built at a hardware level. Note that this feature is enabled by default on new devices released with Knox 3.3, but is unavailable to older devices with firmware updates to Knox 3.3.

 

Dual DAR

With single layer encryption, potential flaws in the implementation may result in a single point of failure. With Knox 3.3 comes dual encryption:

  • Two layers of encryption—Secure enterprise data with two layers of encryption, which provides protection to devices even while powered off or in an unauthenticated state.

 

Contact Storage Restrictions

  • Enterprise contact security—Restrict local contacts stored on enterprise devices to reduce the risk of losing contacts or becoming out of sync with enterprise contacts with Knox 3.3.

 

Knox on DeX

Samsung DeX now has a new feature to allow or restrict access using the Knox platform for added control and security.

 

Firewall updates

Knox 3.3 enhances permission management by enabling IT admins to block all IPs in a specified device while allowing specific domains to be allowlisted, even if the IPs were blocked using firewall policies.

 

VPN updates

  • Multi-app tunneling support—Enhance user experience when using VPN tunnels with the ability to connect with and start using business apps immediately after establishing a VPN tunnel.
  • Knox event and Android networking event synchronization—The Knox container seamlessly synchronizes with VPN by recognizing VPN client connection with no delay.

 

NPA updates

  • Gather analytics for long lasting network sessions—IT admins can now configure EMM-based NPA tools to efficiently collect network statistics while the network connection is ongoing.

 

Notice

Container Only Mode (COM) deprecation

Container Only Mode will be deprecated with the release of Galaxy S10 running Knox 3.3 or any device launched after.

NOTE—If you’re using COM/CL containers on a previous device, such as in the Galaxy S9 or S8, they will be supported until the end of life of the devices. See the bulletin notice for more information.

Learn more about this release by visiting the Knox features on Android.